HSTS stands for HTTP Strict Transport Security, Today I came up in a situation to renew the ssl certificate in netgate pfsense firewall. When taking the url in the browser am getting an error SEC_ERROR_EXPIRED_CERTIFICATE and my browser will not show the unsafe link to the site. And I can only renew the certificate after getting the web url and login to the pfsense firewall. Like a dedlock situation. How I solved this issue is to disable the HSTS checking in the chrome browser. Just take the url chrome://net-internals/#hsts in your chrome browser and give your ssl expired domain in the " Delete domain security policies" section and click on "Delete". That is all, now you will get the "proceed with the unsafe" link and can login and install the new ssl certificate for your pfsense firewall. Cheers.